I'm not sure what to do to improve the situation, but there definitely seems to be a need for improvement.
The contract at IXPs almost universally includes a phrase like "will not engage in fraudulent announcement of routes", but proving that happened to the satisfaction of a non-profit's board of directors is difficult. You really have to have completely collinear anatidae.
I'm stealing this phrase, please and thank you.
> sounds incredibly pretentious. I think most people would appreciate Plain English.
I can't speak for most people, but I didn't know what it meant, learned it after reading it, and found it quite appropriately funny and witty. I also learned a new word. There was nothing I found pretentious about it.
I think a helpful and reasonably objective criterion in deciding this might be whether the use of the phrase was (1) necessary to send the correct message, (2) required to understand the received message, and (3) liable to send an incorrect message. If #1 = no and #2 = yes, or if #3 = yes, then you should probably avoid using it. In this case it's #1 = no and #2 = no and #3 = no, so it's fine.
This very article describes the closest thing to that: NANOG is a collection of network operators, and they communicate with each other about the overall state and coordination of "the internet", which realistically is just "the total set of a lot of network operators agreeing to connect to each other".
Domain registration and DNS have much more centralization because there exists a root entity for the entire (public) system and an owner of each TLD: if an entity wants to remove example.com from existence, they can go to the .com operator and attempt to compel them to do that. For IP routing, you're talking about BGP between a vast number of different entities. By design, traffic can route a variety of ways between each point.
The only way they'd be impacted would be if some networks didn't implement your bad-actor-prefix-weight-mod, and then we'd just be penalizing the people who don't use your system along with the attackers, since we'd be routing the bad traffic via their networks.
So if someone does fat-finger a prefix announcement, it's followed by an email to the IX mailing lists and transit providers with an apology and a quick fix.
It starts to become apparent who made an honest mistake here and there and who's acting maliciously.
Proving a business relationship sounds like a multi-day endeavor, whereas you typically want to undo the damage ASAP.
One more count of fraud don’t mean a thing to these criminal operations.
It's a shame that the ISP is bankrupt; it could also be a very nice product to sell. I was in charge of this software, and I can reproduce it easily (unfortunately I don't get the source code) and put it online, then everyone can use and improve it.
BGP really needs some more organized security, but that's nothing new, and I'm sure not super easy to organize.
The thing explicitly takes ~2-3 mins to send an HTTP POST to each of their advertising partners saying you've opted out (and warns "Some vendors cannot receive opt-out requests via https protocols so the processing of your opt-out request is incomplete")... lovely.
At the end of the day, BGP is a very trusting protocol and it requires keeping the neighborhood clean and clear. IMO providers should be filtering prefixes their clients shouldn't be announcing (à la BCP38), but keeping up on the various IP blocks being shifted around is a paperwork nightmare, I'm sure.
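The per-customer prefix filtering described in the comment above, as an added example that is not part of the original thread: each announcement from a customer session is checked against the prefixes that customer has documented. The ASNs, prefixes and the `ALLOWED` table are constructed from documentation ranges, and the max-length policy is an assumption.

```python
import ipaddress

# Constructed allow-list: per customer ASN, the prefixes it has documented
# (for example via LOA or IRR route objects) and the longest accepted length.
ALLOWED = {
    64496: [("198.51.100.0/24", 24), ("2001:db8:100::/40", 48)],
    64497: [("203.0.113.0/24", 24)],
}

def check_announcement(customer_asn, prefix, as_path):
    """Return (accepted, reason) for one announcement heard from a customer."""
    try:
        # strict=True rejects prefixes with host bits set, e.g. 198.51.100.1/24
        net = ipaddress.ip_network(prefix, strict=True)
    except ValueError:
        return False, "malformed prefix"
    entries = ALLOWED.get(customer_asn)
    if entries is None:
        return False, "no filter registered for this customer"
    # The neighbor must be the first hop; downstream origins may follow it.
    if not as_path or as_path[0] != customer_asn:
        return False, "first AS in path is not the customer"
    for allowed, max_len in entries:
        parent = ipaddress.ip_network(allowed)
        if net.version != parent.version:
            continue  # subnet_of() raises TypeError across IPv4/IPv6
        if net.subnet_of(parent):
            if net.prefixlen > max_len:
                return False, f"more specific than /{max_len}"
            return True, f"covered by {parent}"
    return False, "prefix not registered to this customer"

def rejected(announcements):
    """Return the announcements that fail the filter, with the reason."""
    out = []
    for asn, prefix, path in announcements:
        ok, reason = check_announcement(asn, prefix, path)
        if not ok:
            out.append((asn, prefix, reason))
    return out

if __name__ == "__main__":
    # Constructed sample of announcements received on customer sessions.
    sample = [
        (64496, "198.51.100.0/24", [64496]),
        (64496, "203.0.113.0/24", [64496]),       # belongs to another customer
        (64496, "198.51.100.128/25", [64496]),    # too specific
        (64496, "2001:db8:1ff::/48", [64496, 64510]),
    ]
    for row in rejected(sample):
        print(row)
```
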
For instance, if the IX is located on the 15th floor of the building, an ISP might be colocated on the 12th floor. Fiber XC from 12.501.P4.D4 (12th floor, row 5, rack 01, fiber patch panel 4, SC duplex port D4) to 15.201.P1.D4, then a fiber cable from D4 to an SFP+ port on the IX's switch. Unless somebody physically hijacks your fiber crossconnect and moves it (which would be noticed as hard down immediately), it's pretty hard to pretend to be another ISP, from the perspective of the switch fabric operator of the IX.
Any asshole can theoretically make a fraudulent LOA, but by producing one to an upstream a hijack factory opens itself up to criminal charges of fraud and forgery.
Did they host it in their AS and now their AS is unreachable?
The ASN was mentioned in the article as being listed by Spamhaus ASN Droplist but wasn't mentioned earlier as one of the targeted ASNs.
Edit: reviewed the ASN more and it is the Ebony Horizon mentioned in the article, and it is only peered to BitCanal's primary AS197426, which is subsequently being de-peered, so I'd say that is the main reason bitcanal.com is down :)